Decrypting RSA with Obsolete and Weakened Encryption

March 14th, 2016

A new vulnerability that affects HTTPS and other services that rely on Secure Sockets Layer (SSL) has been discovered. Decrypting RSA with Obsolete and Weakened eNcryption (better known as DROWN), as the name suggests, only affects systems with weak encryption enabled, such as SSLv2.

Is my server vulnerable?

None of Globalscape's products support SSLv2 by default—but it is still available and can be enabled by the customer. A server is vulnerable if it allows SSLv2 connections or its private key is used on any other server that allows SSLv2 connections.

How can I be sure?

For security's sake, do an audit of all of your systems to ensure that none of your websites, mail servers, file servers, and so on have SSLv2 enabled. According to the DROWN Attack website:

"Merely allowing SSLv2, even if no legitimate clients ever use it … allows an attacker to decrypt modern TLS connections between up-to-date clients and servers by sending probes to any server that supports SSLv2 using the same private key. … Even if you’re certain that you have SSLv2 disabled on your HTTPS server, you may be reusing your private key on another server that does support SSLv2. We recommend manually inspecting all servers that use your private key."

The website https://drownattack.com/ provides a tool with which you can check whether your private key is exposed elsewhere on the Internet.
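One way to carry out the audit described above against the servers in your own inventory, as an added example that is not Globalscape's code or the drownattack.com tool: a small Python 3 script that sends a single SSLv2 CLIENT-HELLO and classifies the reply. A server with SSLv2 disabled answers with a TLS alert or closes the connection; only a server that still accepts SSLv2 answers with an SSLv2 SERVER-HELLO. The record and message layouts and the seven cipher-spec identifiers follow the SSL 2.0 draft specification; the `SAMPLE_SERVER_HELLO` bytes are constructed here so the parser can be exercised offline, and `probe()` is the only function that touches the network.

```python
"""Audit helper: does a server still accept SSLv2 handshakes? (added example, stdlib only)"""
import socket
import struct

# SSLv2 message types and version, from the SSL 2.0 draft specification.
SSL2_MT_CLIENT_HELLO = 1
SSL2_MT_SERVER_HELLO = 4
SSL2_VERSION = 0x0002

# The seven SSLv2 cipher specs (3 bytes each). All are obsolete; the two
# EXPORT40 specs are the 40-bit ciphers the general DROWN attack relies on.
SSL2_CIPHER_NAMES = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}
EXPORT_SPECS = (b"\x02\x00\x80", b"\x04\x00\x80")


def sslv2_record(body: bytes) -> bytes:
    """Wrap a handshake message in a 2-byte SSLv2 record header (high bit set, no padding)."""
    if len(body) > 0x7FFF:
        raise ValueError("SSLv2 record body too long")
    return struct.pack("!H", 0x8000 | len(body)) + body


def build_client_hello(challenge: bytes = b"\x00" * 16) -> bytes:
    """Build an SSLv2 CLIENT-HELLO that offers every SSLv2 cipher spec and no session id."""
    cipher_specs = b"".join(SSL2_CIPHER_NAMES)
    header = struct.pack(
        "!BHHHH",
        SSL2_MT_CLIENT_HELLO,
        SSL2_VERSION,
        len(cipher_specs),
        0,                 # session-id length: request a new session
        len(challenge),
    )
    return sslv2_record(header + cipher_specs + challenge)


def parse_server_hello(data: bytes) -> dict:
    """Parse an SSLv2 SERVER-HELLO record; return {} if the bytes are not one."""
    if len(data) < 13 or not data[0] & 0x80:
        return {}
    rec_len = struct.unpack("!H", data[:2])[0] & 0x7FFF
    body = data[2:2 + rec_len]
    if len(body) < 11 or body[0] != SSL2_MT_SERVER_HELLO:
        return {}
    # msg-type, session-id-hit, certificate-type, version, then three lengths
    (_, _, _, version, cert_len, ciphers_len, conn_id_len) = struct.unpack("!BBBHHHH", body[:11])
    offset = 11
    cert = body[offset:offset + cert_len]
    offset += cert_len
    raw_ciphers = body[offset:offset + ciphers_len]
    offset += ciphers_len
    conn_id = body[offset:offset + conn_id_len]
    if len(raw_ciphers) != ciphers_len or len(conn_id) != conn_id_len or ciphers_len % 3:
        return {}  # truncated or malformed record
    specs = [raw_ciphers[i:i + 3] for i in range(0, ciphers_len, 3)]
    return {
        "version": version,
        "certificate": cert,           # DER certificate the server presented
        "ciphers": [SSL2_CIPHER_NAMES.get(s, s.hex()) for s in specs],
        "export_grade": any(s in EXPORT_SPECS for s in specs),
    }


def classify_response(data: bytes) -> str:
    """Turn the first bytes a server sent back into an audit verdict."""
    if parse_server_hello(data):
        return "SSLv2 ENABLED"
    if data[:1] == b"\x15":            # TLS alert record: the handshake was rejected
        return "SSLv2 disabled (TLS alert)"
    return "SSLv2 not offered"


def probe(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Send one SSLv2 CLIENT-HELLO to host:port and classify whatever comes back."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            reply = sock.recv(4096)
        except (socket.timeout, ConnectionResetError):
            reply = b""
    return classify_response(reply)


# Constructed sample: a SERVER-HELLO advertising three specs, one of them export-grade.
_CERT = b"CONSTRUCTED-CERT"                      # stands in for a DER certificate
_SPECS = b"\x01\x00\x80" + b"\x02\x00\x80" + b"\x07\x00\xc0"
_CONN_ID = b"\x11" * 16
SAMPLE_SERVER_HELLO = sslv2_record(
    struct.pack("!BBBHHHH", SSL2_MT_SERVER_HELLO, 0, 1, SSL2_VERSION,
                len(_CERT), len(_SPECS), len(_CONN_ID)) + _CERT + _SPECS + _CONN_ID
)

if __name__ == "__main__":
    print(classify_response(SAMPLE_SERVER_HELLO), parse_server_hello(SAMPLE_SERVER_HELLO)["ciphers"])
```

Run `probe()` against every host and port on your inventory that terminates SSL/TLS (web, mail, file transfer), not only the HTTPS front end, since the quoted guidance is that any SSLv2 listener sharing the key exposes them all. A verdict of "SSLv2 not offered" after a closed connection or timeout is the expected result for a correctly configured server.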

More information

If you have to meet PCI DSS requirements, you should know that the standard is being revised this year to address issues with SSL. But you don't have to wait for the standard to be updated to move away from insecure versions of SSL in your network.